"Multiple Vulnerabilities in Snort Preprocessors" raise an IDS question....

Posted Apr 18, 2003 8:06 UTC (Fri) by naughty-artkitekt (guest, #10552)
Parent article: Multiple Vulnerabilities in Snort Preprocessors

When one appreciates the risks of intrusions and unwanted guests, and when
one then reads an article such as:

http://www.theregister.co.uk/content/55/30320.html

One MUST ask the following question: "INT WTF?" (communicators' speak for
"Interrogative: What the F*CK?"), but with a long series of exclamation marks.

This narrow and (seemingly) fiendish federal interpretation of the use of honey
pots for security or IDS is LUDICROUS and damned dangerous. It should ONLY
be illegal if the honeypot is specifically in employ to harvest passwords which
THEN are used in the actual commission of a crime. I am sure some dopes in the
fed level as well as in the tech industry as well as in the law/legal industry want to
summarily blanket HoneyPots as totally illegal, end of story.

Hell, if I am being keystroked or log-raided, DAMMIT I HAVE THE RIGHT TO
KNOW, even if it is a federal hacker. If I am being cracked by malicious perps, I
HAVE THE RIGHT TO KNOW, and to WHACK their connection or their box if I
can (rather, if I am INCLINED to...). No banner need be present (except to advise
the misadventuring or wayward link-followers that their personal data may/will be
collected if they proceed any further). Maybe set up 2 or 3 ANNOYING and further
elucidating routines to make CERTAIN the site visitor knows what he/she/it will be
getting into. Crackers and Hackers KNOW absa-G-damn-Mother-effing-lutely well
that they are committing a breach of privacy or security (let's call it what it is:
TRESPASS!) or some act at a level of unwanted and deserving of rejection
probing. If they get caught, fooled, and butt-spanked, screw-em. Tidy up your
attempts and come back another day.

I know that the link points to an article that is over a month old (I guess it was late
in being noticed by TheRegister...), but this (government or legal) assertion that
ANY use of is getting too out of hand. Honeypots are NECESSARY to
self-protection. If the govt has our money to waste on sniffing our daily (and
mostly boring--unless we comment like I do) lives, then they should be prepared
to sniff or snort digital pepper, digital crack, digital dung, or digital herpes up the
nostrils. If companies or individuals or even GOVERNMENT agencies find it
useful or that they HAVE to install credible security, then a honeypot is
INTEGRAL to the audit trail, better than MetaData. It's ACTION DATA. If you can
trap a cracker in a box and study his/her/its techniques, you can better defend
yourself. Oh, I get it. The government or corporate sleuths are getting agitated at
being deflected for weeks only to find out they serve a warrant upon a 95-y.o.,
quadriplegic, no-eyeballs subject who is as related to the REAL perp as a rock
is to a race car.. (doh, what an analogy...)

Okay, Conspiracy Theory bait. The govt & the commercial sniffers & consultants
lobbies want the prosecution or remedies pie for themselves and want NO Open
Source (or, for that matter, ANY kind of) honeypots or IDS in general use (until
they get all the security keys escrowed to gain transparent access?). Well, honey
pots & IDS are the digital analog to the Security Camera, dead-end hallways;
illegal ejection seats to thwart (or thwack) carjackers; deceptive marketing ads;
military propaganda generators, campaign relations managers, and so on. They're
ONLY illegal if they kill, deceive for illegal end-purposes; anti-missile chaff and
flares; electronic signals interception and redirection of an enemy; and so forth.

Well, here's another thing I awoke thinking of the other day: Been to Kinko's
lately? Noticed those convenient, free to get blank, reusable chip cards that let
you add credits via cash, debit or credit card? Well, I am still wondering if or when
some Patent or Clearinghouse masters will lobby for and successfully make it a
LEGAL (say it like Carl Sagan said YOO-NEE-VURHS) requirement for ALL copy
shops to link their copiers to networks that have blazing speed watermark or
image scanning capabilities to NOW, now, correlate to wanton users who break
copyright law and lamely charge up their copier cards with their credit cards.
Imagine if BofA's picture base is Federally (or, for that matter, criminally)
wire-tapped and harvested of image/name correlations (for real movements or
stitched-up evidence enhancing). Now, tie that power (not just to a copy shop
but) to long-distance train station, bus/rail, and other venues' security cameras
and "WALLA!" Subject X gave HIS card to Subject Y and SHE broke the law for
Subject Z who is REE-LEE working for ....

Anyway, better start wondering when copiers will be networked at mass copy
shops. Why? Well, if you're not worried about the government, then imagine if a
sort of "microsoft of patents" emerges and is harvesting the invention ideas (to
help a favored better-funded/faster-acting friend precede someone (less nimble,
fledgling, and not-sophisticated) to the market with an idea Copi-Vac globally
vacuums up by the minute). Songs, lyrics, poems, love sonnets/letters, blueprints,
lines of software on paper, and numerous other pre-invention-disclosures could
happen, if a company is brazen enough to tap into (or fund but not disclose its
activities on) a network such as this....

No, I am not on drugs and I drink 1 cup of coffee maybe 1 time per week or less
often.

End of this (my) screed..

Take Care.. Think outside the box, but don't let the lid slam down on your head
(or crush your voicebox) ...

David Syes


Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds